DNS Security

Sec+ Glossary πŸ“– β€’ Network Security 🌐 β€’ Protocols πŸ”— β€’ Difficulty: premium

What is DNS Security?

DNS security is the set of controls that protect the Domain Name System from misuse, manipulation, and attacks. It focuses on keeping name resolution trustworthy and available, preventing redirection to malicious destinations, and detecting DNS-based threats such as spoofing, hijacking, and data exfiltration.

Examples

  • An organization uses DNS filtering to block requests to known malicious domains and phishing infrastructure.
  • DNSSEC is enabled for a domain so resolvers can verify that DNS answers have not been tampered with.

Discover πŸ”Ž

DNS is often described as the internet’s phonebook, but from a security perspective it is also a powerful control point and a common attack path. Almost every connection begins with a DNS lookup. If an attacker can influence DNS responses, they can redirect users to fake websites, route traffic through malicious systems, or hide command-and-control activity inside normal-looking DNS traffic.

Remember: If you can control DNS, you can often control where users and systems connect. That makes DNS both a target and a defensive tool.

Summary πŸ“

DNS security protects name resolution from manipulation and abuse. Attackers target DNS through spoofing, hijacking, cache poisoning, tunneling, and infrastructure disruption because DNS influences where users and systems connect. Effective DNS security combines integrity controls like DNSSEC, strong registrar protection, centralized trusted resolvers, DNS filtering, and monitoring to detect suspicious behavior.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.